SUSE-SU-2017:2872-1 -- SLES MozillaFirefox, and, mozilla-nss, libfreebl3, libsoftokn3ID: oval:org.secpod.oval:def:89044548 | Date: (C)2021-06-30 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for MozillaFirefox and mozilla-nss fixes the following issues: Mozilla Firefox was updated to ESR 52.4 * MFSA 2017-22/CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces * MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes * MFSA 2017-22/CVE-2017-7819: Use-after-free while resizing images in design mode * MFSA 2017-22/CVE-2017-7818: Use-after-free during ARIA array manipulation * MFSA 2017-22/CVE-2017-7793: Use-after-free with Fetch API * MFSA 2017-22/CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE * MFSA 2017-22/CVE-2017-7810: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4 * MFSA 2017-22/CVE-2017-7823: CSP sandbox directive did not create a unique origin * MFSA 2017-22/CVE-2017-7814: Blob and data URLs bypass phishing and malware protection warnings Mozilla Network Security Services received a security fix: * MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes
Platform: |
SUSE Linux Enterprise Server 11 SP4 |
Product: |
MozillaFirefox |
mozilla-nss |
libfreebl3 |
libsoftokn3 |